I cannot login to my Athom account anymore because of 2FA. When i enter my credentials the popup for 2FA doesn’t “pop up”. When i hit log in i only get “The provided 2FA token is incorrect. Please try again.” but no way to enter it.=
I tried an incognito window in Chrome, so that i don’t have my extensions which makes it work for now. But i use t he lastpass extension to login, so i would like a solution that enables me to keep that extension.
So please. Help?! xD
Disable each extension one after the other, reload the login page after each, and see which one is causing the issues. Then either tell support@athom.com about your findings, or (if possible) disable that extension for Homey’s login page.
The problem is with the Lastpass extension, which autofills my passwords. But i want to keep using it because it stores my Athom password. I will try contacting them thank you 
Just a thought, isn’t some of site exclusion possible?
So you could copy/paste the cred. manually from LP for Homey sites?
(@ Security folks: Don’t panic, LP should auto-erase the cred. from clipboard after x secs.)
I don’t believe this is possible with the Lastpass extension.
When i enter my credentials the popup for 2FA doesn’t “pop up”. When i hit log in i only get “The provided 2FA token is incorrect. Please try again.” but no way to enter it.
I recently faced this exact problem, and I finally discovered the underlying problem - caused by the LastPass Extension:
Edit the Homey entry in LastPass. In the edit view, you should have a small wrench icon somewhere at the bottom, to edit all the form fields for the login (and not just the username and password). Here I found that - for some unknown reason - LastPass had also included a form field for the OTP field (I guess, probably with a value form the first time I logged in in the web app). And when in the login form for homey.app, even though you only see the username and password fields, the OTP field is there - but is is hidden. But the hidden field gets filled by LastPass, since it has a matching form field in the saved LastPass item. The result is that both the username and password, together with an invalid OTP from a long time ago, all get submitted when you click login, and homey.app correctly (but with a bad user experience) replies that the OTP is invalid.
In my opinion, both LastPass and homey.app are to blame: LastPass for filling the hidden field in the first place, and home.app for not displaying the OTP field when you get error from the invalid login attempt.
The solution is to remove the OTP form field item from the LastPass entry. After that I also had to clear the LastPass cache and refresh sites (found under Account options > Advanced in the LastPass menu).
